Project

General

Profile

1 1365 Luisehahne
<?php
2
/**
3
 *
4 1529 Luisehahne
 * @category        framework
5 1698 Luisehahne
 * @package         frontend
6 1782 Luisehahne
 * @author          Ryan Djurovich (2004-2009), WebsiteBaker Project
7 1698 Luisehahne
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
8 1365 Luisehahne
 * @link			http://www.websitebaker2.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.x
11 1374 Luisehahne
 * @requirements    PHP 5.2.2 and higher
12 1365 Luisehahne
 * @version         $Id$
13 1457 Luisehahne
 * @filesource		$HeadURL$
14
 * @lastmodified    $Date$
15 1365 Luisehahne
 *
16
 */
17 1496 DarkViper
/* -------------------------------------------------------- */
18
// Must include code to stop this file being accessed directly
19 1499 DarkViper
if(!defined('WB_PATH')) {
20
	require_once(dirname(__FILE__).'/globalExceptionHandler.php');
21
	throw new IllegalFileException();
22
}
23 1496 DarkViper
/* -------------------------------------------------------- */
24 1365 Luisehahne
// Include PHPLIB template class
25
require_once(WB_PATH."/include/phplib/template.inc");
26
// Include new wbmailer class (subclass of PHPmailer)
27
require_once(WB_PATH."/framework/class.wbmailer.php");
28 1462 DarkViper
//require_once(WB_PATH."/framework/SecureForm.php");
29 1365 Luisehahne
30
class wb extends SecureForm
31
{
32
33 1457 Luisehahne
 	public $password_chars = 'a-zA-Z0-9\_\-\!\#\*\+\@\$\&\:';	// General initialization function
34 1782 Luisehahne
35 1365 Luisehahne
	// performed when frontend or backend is loaded.
36 1394 Luisehahne
	public function  __construct($mode = SecureForm::FRONTEND) {
37
		parent::__construct($mode);
38 1365 Luisehahne
	}
39
40 1791 Luisehahne
/**
41
 *
42
 *
43
 * @return array of first visible language pages with defined fields
44
 *
45
 */
46
	public function GetLanguagesDetailsInUsed ( ) {
47
        global $database;
48 1796 Luisehahne
        $aRetval = array();
49 1791 Luisehahne
        $sql =
50
            'SELECT DISTINCT `language`'.
51
            ', `page_id`,`level`,`parent`,`root_parent`,`page_code`,`link`,`language`'.
52
            ', `visibility`,`viewing_groups`,`viewing_users`,`position` '.
53
            'FROM `'.TABLE_PREFIX.'pages` '.
54
            'WHERE `level`= \'0\' '.
55
              'AND `root_parent`=`page_id` '.
56
              'AND `visibility`!=\'none\' '.
57
              'AND `visibility`!=\'hidden\' '.
58
            'GROUP BY `language` '.
59
            'ORDER BY `position`';
60 1782 Luisehahne
61 1791 Luisehahne
            if($oRes = $database->query($sql))
62
            {
63
                while($page = $oRes->fetchRow(MYSQL_ASSOC))
64
                {
65
                    if(!$this->page_is_visible($page)) {continue;}
66 1796 Luisehahne
                    $aRetval[$page['language']] = $page;
67 1791 Luisehahne
                }
68
            }
69 1796 Luisehahne
        return $aRetval;
70 1782 Luisehahne
	}
71
72 1791 Luisehahne
/**
73
 *
74
 *
75
 * @return comma separate list of first visible languages
76
 *
77
 */
78
	public function GetLanguagesInUsed ( ) {
79 1796 Luisehahne
        return implode(',', array_keys($this->GetLanguagesDetailsInUsed()));
80
  	}
81 1782 Luisehahne
82
83 1373 Luisehahne
/* ****************
84 1440 Luisehahne
 * check if one or more group_ids are in both group_lists
85
 *
86
 * @access public
87
 * @param mixed $groups_list1: an array or a coma seperated list of group-ids
88
 * @param mixed $groups_list2: an array or a coma seperated list of group-ids
89
 * @param array &$matches: an array-var whitch will return possible matches
90
 * @return bool: true there is a match, otherwise false
91
 */
92 1698 Luisehahne
	public function is_group_match( $groups_list1 = '', $groups_list2 = '', &$matches = null )
93 1440 Luisehahne
	{
94
		if( $groups_list1 == '' ) { return false; }
95
		if( $groups_list2 == '' ) { return false; }
96
		if( !is_array($groups_list1) )
97
		{
98
			$groups_list1 = explode(',', $groups_list1);
99
		}
100
		if( !is_array($groups_list2) )
101
		{
102
			$groups_list2 = explode(',', $groups_list2);
103
		}
104
		$matches = array_intersect( $groups_list1, $groups_list2);
105
		return ( sizeof($matches) != 0 );
106
	}
107
/* ****************
108 1373 Luisehahne
 * check if current user is member of at least one of given groups
109
 * ADMIN (uid=1) always is treated like a member of any groups
110
 *
111
 * @access public
112
 * @param mixed $groups_list: an array or a coma seperated list of group-ids
113
 * @return bool: true if current user is member of one of this groups, otherwise false
114
 */
115 1698 Luisehahne
	public function ami_group_member( $groups_list = '' )
116 1373 Luisehahne
	{
117
		if( $this->get_user_id() == 1 ) { return true; }
118
		return $this->is_group_match( $groups_list, $this->get_groups_id() );
119
	}
120
121 1791 Luisehahne
// Check whether a page is visible or not.
122
// This will check page-visibility and user- and group-rights.
123
/* page_is_visible() returns
124
	false: if page-visibility is 'none' or 'deleted', or page-vis. is 'registered' or 'private' and user isn't allowed to see the page.
125
	true: if page-visibility is 'public' or 'hidden', or page-vis. is 'registered' or 'private' and user _is_ allowed to see the page.
126
*/
127 1698 Luisehahne
	public function page_is_visible($page)
128 1365 Luisehahne
    {
129 1698 Luisehahne
		// First check if visibility is 'none', 'deleted'
130 1373 Luisehahne
		$show_it = false; // shall we show the page?
131 1698 Luisehahne
		switch( $page['visibility'] )
132
		{
133
			case 'none':
134
			case 'deleted':
135
				$show_it = false;
136
				break;
137
			case 'hidden':
138
			case 'public':
139
				$show_it = true;
140
				break;
141
			case 'private':
142
			case 'registered':
143
				if($this->is_authenticated() == true)
144
				{
145
					$show_it = ( $this->is_group_match($this->get_groups_id(), $page['viewing_groups']) ||
146
								 $this->is_group_match($this->get_user_id(), $page['viewing_users']) );
147
				}
148 1373 Luisehahne
		}
149
150 1365 Luisehahne
		return($show_it);
151
	}
152 1698 Luisehahne
153 1365 Luisehahne
	// Check if there is at least one active section on this page
154 1698 Luisehahne
	public function page_is_active($page)
155 1365 Luisehahne
    {
156
		global $database;
157
		$now = time();
158 1698 Luisehahne
		$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'sections` ';
159
		$sql .= 'WHERE ('.$now.' BETWEEN `publ_start` AND `publ_end`) OR ';
160
		$sql .=       '('.$now.' > `publ_start` AND `publ_end`=0) ';
161
		$sql .=       'AND `page_id`='.(int)$page['page_id'];
162
		return ($database->get_one($sql) != false);
163
   	}
164 1365 Luisehahne
165
	// Check whether we should show a page or not (for front-end)
166 1698 Luisehahne
	public function show_page($page)
167 1365 Luisehahne
    {
168 1698 Luisehahne
		if( !is_array($page) )
169
		{
170
			$sql  = 'SELECT `page_id`, `visibility`, `viewing_groups`, `viewing_users` ';
171
			$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$page;
172
			if( ($res_pages = $database->query($sql))!= null )
173
			{
174
				if( !($page = $res_pages->fetchRow()) ) { return false; }
175
			}
176
		}
177
		return ($this->page_is_visible($page) && $this->page_is_active($page));
178 1365 Luisehahne
	}
179
180
	// Check if the user is already authenticated or not
181 1698 Luisehahne
	public function is_authenticated() {
182 1487 DarkViper
		$retval = ( isset($_SESSION['USER_ID']) AND
183
		            $_SESSION['USER_ID'] != "" AND
184
		            is_numeric($_SESSION['USER_ID']));
185
        return $retval;
186 1365 Luisehahne
	}
187
188
	// Modified addslashes function which takes into account magic_quotes
189
	function add_slashes($input) {
190 1487 DarkViper
		if( get_magic_quotes_gpc() || (!is_string($input)) ) {
191 1365 Luisehahne
			return $input;
192
		}
193 1487 DarkViper
		return addslashes($input);
194 1365 Luisehahne
	}
195
196
	// Ditto for stripslashes
197
	// Attn: this is _not_ the counterpart to $this->add_slashes() !
198
	// Use stripslashes() to undo a preliminarily done $this->add_slashes()
199
	// The purpose of $this->strip_slashes() is to undo the effects of magic_quotes_gpc==On
200
	function strip_slashes($input) {
201
		if ( !get_magic_quotes_gpc() || ( !is_string($input) ) ) {
202
			return $input;
203
		}
204 1487 DarkViper
		return stripslashes($input);
205 1365 Luisehahne
	}
206
207
	// Escape backslashes for use with mySQL LIKE strings
208
	function escape_backslashes($input) {
209
		return str_replace("\\","\\\\",$input);
210
	}
211
212
	function page_link($link){
213
		// Check for :// in the link (used in URL's) as well as mailto:
214 1373 Luisehahne
		if(strstr($link, '://') == '' AND substr($link, 0, 7) != 'mailto:') {
215 1365 Luisehahne
			return WB_URL.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
216
		} else {
217
			return $link;
218
		}
219
	}
220 1698 Luisehahne
221 1365 Luisehahne
	// Get POST data
222
	function get_post($field) {
223 1487 DarkViper
		return (isset($_POST[$field]) ? $_POST[$field] : null);
224 1365 Luisehahne
	}
225
226
	// Get POST data and escape it
227
	function get_post_escaped($field) {
228
		$result = $this->get_post($field);
229
		return (is_null($result)) ? null : $this->add_slashes($result);
230
	}
231 1698 Luisehahne
232 1365 Luisehahne
	// Get GET data
233
	function get_get($field) {
234 1487 DarkViper
		return (isset($_GET[$field]) ? $_GET[$field] : null);
235 1365 Luisehahne
	}
236
237
	// Get SESSION data
238
	function get_session($field) {
239 1487 DarkViper
		return (isset($_SESSION[$field]) ? $_SESSION[$field] : null);
240 1365 Luisehahne
	}
241
242
	// Get SERVER data
243
	function get_server($field) {
244 1487 DarkViper
		return (isset($_SERVER[$field]) ? $_SERVER[$field] : null);
245 1365 Luisehahne
	}
246
247
	// Get the current users id
248
	function get_user_id() {
249 1511 Luisehahne
		return $this->get_session('USER_ID');
250 1365 Luisehahne
	}
251
252 1373 Luisehahne
	// Get the current users group id
253 1365 Luisehahne
	function get_group_id() {
254 1511 Luisehahne
		return $this->get_session('GROUP_ID');
255 1365 Luisehahne
	}
256
257
	// Get the current users group ids
258
	function get_groups_id() {
259 1511 Luisehahne
		return explode(",", $this->get_session('GROUPS_ID'));
260 1365 Luisehahne
	}
261
262
	// Get the current users group name
263
	function get_group_name() {
264 1511 Luisehahne
		return implode(",", $this->get_session('GROUP_NAME'));
265 1365 Luisehahne
	}
266
267
	// Get the current users group name
268
	function get_groups_name() {
269 1511 Luisehahne
		return $this->get_session('GROUP_NAME');
270 1365 Luisehahne
	}
271
272
	// Get the current users username
273
	function get_username() {
274 1511 Luisehahne
		return $this->get_session('USERNAME');
275 1365 Luisehahne
	}
276
277
	// Get the current users display name
278
	function get_display_name() {
279 1511 Luisehahne
		return $this->get_session('DISPLAY_NAME');
280 1365 Luisehahne
	}
281
282
	// Get the current users email address
283
	function get_email() {
284 1511 Luisehahne
		return $this->get_session('EMAIL');
285 1365 Luisehahne
	}
286
287
	// Get the current users home folder
288
	function get_home_folder() {
289 1511 Luisehahne
		return $this->get_session('HOME_FOLDER');
290 1365 Luisehahne
	}
291
292
	// Get the current users timezone
293
	function get_timezone() {
294 1487 DarkViper
		return (isset($_SESSION['USE_DEFAULT_TIMEZONE']) ? '-72000' : $_SESSION['TIMEZONE']);
295 1365 Luisehahne
	}
296
297 1373 Luisehahne
	// Validate supplied email address
298
	function validate_email($email) {
299
		if(function_exists('idn_to_ascii')){ /* use pear if available */
300
			$email = idn_to_ascii($email);
301
		}else {
302
			require_once(WB_PATH.'/include/idna_convert/idna_convert.class.php');
303
			$IDN = new idna_convert();
304
			$email = $IDN->encode($email);
305
			unset($IDN);
306 1372 Luisehahne
		}
307 1378 Luisehahne
		// regex from NorHei 2011-01-11
308
		$retval = preg_match("/^((([!#$%&'*+\\-\/\=?^_`{|}~\w])|([!#$%&'*+\\-\/\=?^_`{|}~\w][!#$%&'*+\\-\/\=?^_`{|}~\.\w]{0,}[!#$%&'*+\\-\/\=?^_`{|}~\w]))[@]\w+(([-.]|\-\-)\w+)*\.\w+(([-.]|\-\-)\w+)*)$/", $email);
309
		return ($retval != false);
310 1372 Luisehahne
	}
311
312 1698 Luisehahne
	/**
313
     * replace header('Location:...  with new method
314
	 * if header send failed you get a manuell redirected link, so script don't break
315 1777 Luisehahne
	 *
316 1698 Luisehahne
	 * @param string $location, redirected url
317
	 * @return void
318
	 */
319
	public function send_header ($location) {
320
		if(!headers_sent()) {
321
			header('Location: '.$location);
322
		    exit(0);
323
		} else {
324
//			$aDebugBacktrace = debug_backtrace();
325
//			array_walk( $aDebugBacktrace, create_function( '$a,$b', 'print "<br /><b>". basename( $a[\'file\'] ). "</b> &nbsp; <font color=\"red\">{$a[\'line\']}</font> &nbsp; <font color=\"green\">{$a[\'function\']} ()</font> &nbsp; -- ". dirname( $a[\'file\'] ). "/";' ) );
326
		    $msg =  "<div style=\"text-align:center;\"><h2>An error has occurred</h2><p>The <strong>Redirect</strong> could not be start automatically.\n" .
327
		         "Please click <a style=\"font-weight:bold;\" " .
328
		         "href=\"".$location."\">on this link</a> to continue!</p></div>\n";
329
330
			throw new AppException($msg);
331
		}
332
	}
333
334 1372 Luisehahne
/* ****************
335 1365 Luisehahne
 * set one or more bit in a integer value
336
 *
337
 * @access public
338
 * @param int $value: reference to the integer, containing the value
339
 * @param int $bits2set: the bitmask witch shall be added to value
340
 * @return void
341
 */
342
	function bit_set( &$value, $bits2set )
343
	{
344
		$value |= $bits2set;
345
	}
346
347
/* ****************
348
 * reset one or more bit from a integer value
349
 *
350
 * @access public
351
 * @param int $value: reference to the integer, containing the value
352
 * @param int $bits2reset: the bitmask witch shall be removed from value
353
 * @return void
354
 */
355
	function bit_reset( &$value, $bits2reset)
356
	{
357
		$value &= ~$bits2reset;
358
	}
359
360
/* ****************
361
 * check if one or more bit in a integer value are set
362
 *
363
 * @access public
364
 * @param int $value: reference to the integer, containing the value
365
 * @param int $bits2set: the bitmask witch shall be added to value
366
 * @return void
367
 */
368
	function bit_isset( $value, $bits2test )
369
	{
370
		return (($value & $bits2test) == $bits2test);
371
	}
372
373
	// Print a success message which then automatically redirects the user to another page
374 1373 Luisehahne
	function print_success( $message, $redirect = 'index.php' ) {
375 1365 Luisehahne
	    global $TEXT;
376 1443 Luisehahne
        if(is_array($message)) {
377
           $message = implode ('<br />',$message);
378
        }
379 1373 Luisehahne
	    // fetch redirect timer for sucess messages from settings table
380 1397 Luisehahne
	    $redirect_timer = ((defined( 'REDIRECT_TIMER' )) && (REDIRECT_TIMER <= 10000)) ? REDIRECT_TIMER : 0;
381 1365 Luisehahne
	    // add template variables
382 1529 Luisehahne
		// Setup template object, parse vars to it, then parse it
383 1625 Luisehahne
		$tpl = new Template(dirname($this->correct_theme_source('success.htt')));
384 1365 Luisehahne
	    $tpl->set_file( 'page', 'success.htt' );
385
	    $tpl->set_block( 'page', 'main_block', 'main' );
386 1373 Luisehahne
	    $tpl->set_block( 'main_block', 'show_redirect_block', 'show_redirect' );
387
	    $tpl->set_var( 'MESSAGE', $message );
388
	    $tpl->set_var( 'REDIRECT', $redirect );
389
	    $tpl->set_var( 'REDIRECT_TIMER', $redirect_timer );
390 1372 Luisehahne
	    $tpl->set_var( 'NEXT', $TEXT['NEXT'] );
391
	    $tpl->set_var( 'BACK', $TEXT['BACK'] );
392 1397 Luisehahne
	    if ($redirect_timer == -1) {
393 1365 Luisehahne
	        $tpl->set_block( 'show_redirect', '' );
394 1373 Luisehahne
	    }
395
	    else {
396 1365 Luisehahne
	        $tpl->parse( 'show_redirect', 'show_redirect_block', true );
397
	    }
398
	    $tpl->parse( 'main', 'main_block', false );
399
	    $tpl->pparse( 'output', 'page' );
400
	}
401
402
	// Print an error message
403 1373 Luisehahne
	function print_error($message, $link = 'index.php', $auto_footer = true) {
404 1365 Luisehahne
		global $TEXT;
405 1443 Luisehahne
        if(is_array($message)) {
406
           $message = implode ('<br />',$message);
407
        }
408 1529 Luisehahne
		// Setup template object, parse vars to it, then parse it
409 1625 Luisehahne
		$success_template = new Template(dirname($this->correct_theme_source('error.htt')));
410 1365 Luisehahne
		$success_template->set_file('page', 'error.htt');
411
		$success_template->set_block('page', 'main_block', 'main');
412
		$success_template->set_var('MESSAGE', $message);
413
		$success_template->set_var('LINK', $link);
414
		$success_template->set_var('BACK', $TEXT['BACK']);
415
		$success_template->parse('main', 'main_block', false);
416
		$success_template->pparse('output', 'page');
417
		if ( $auto_footer == true ) {
418
			if ( method_exists($this, "print_footer") ) {
419
				$this->print_footer();
420
			}
421
		}
422
		exit();
423
	}
424 1684 Luisehahne
/*
425
 * @param string $message: the message to format
426
 * @param string $status:  ('ok' / 'error' / '') status defines the apereance of the box
427
 * @return string: the html-formatted message (using template 'message.htt')
428
 */
429
	public function format_message($message, $status = 'ok')
430
	{
431
		$id = uniqid('x');
432
		$tpl = new Template(dirname($this->correct_theme_source('message.htt')));
433
		$tpl->set_file('page', 'message.htt');
434
		$tpl->set_block('page', 'main_block', 'main');
435
		$tpl->set_var('MESSAGE', $message);
436
 	    $tpl->set_var( 'THEME_URL', THEME_URL );
437
		$tpl->set_var( 'ID', $id );
438
		if($status == 'ok' || $status == 'error' || $status = 'warning')
439
		{
440
			$tpl->set_var('BOX_STATUS', ' box-'.$status);
441
		}else
442
		{
443
			$tpl->set_var('BOX_STATUS', '');
444
		}
445
		$tpl->set_var('STATUS', $status);
446
		if(!defined('REDIRECT_TIMER') ) { define('REDIRECT_TIMER', -1); }
447
		$retval = '';
448
		if( $status != 'error' )
449
		{
450
			switch(REDIRECT_TIMER):
451
				case 0: // do not show message
452
					unset($tpl);
453
					break;
454
				case -1: // show message permanently
455
					$tpl->parse('main', 'main_block', false);
456
					$retval = $tpl->finish($tpl->parse('output', 'page', false));
457
					unset($tpl);
458
					break;
459
				default: // hide message after REDIRECTOR_TIMER milliseconds
460
					$retval = '<script type="text/javascript">/* <![CDATA[ */ function '.$id.'_hide() {'.
461
							  'document.getElementById(\''.$id.'\').style.display = \'none\';}'.
462
							  'window.setTimeout(\''.$id.'_hide()\', '.REDIRECT_TIMER.');/* ]]> */ </script>';
463
					$tpl->parse('main', 'main_block', false);
464
					$retval = $tpl->finish($tpl->parse('output', 'page', false)).$retval;
465
					unset($tpl);
466
			endswitch;
467
		}else
468
		{
469
			$tpl->parse('main', 'main_block', false);
470
			$retval = $tpl->finish($tpl->parse('output', 'page', false)).$retval;
471
			unset($tpl);
472
		}
473
		return $retval;
474
	}
475 1782 Luisehahne
/*
476
 * @param string $type: 'locked'(default)  or 'new'
477
 * @return void: terminates application
478
 * @description: 'locked' >> Show maintenance screen and terminate, if system is locked
479
 *               'new' >> Show 'new site under construction'(former print_under_construction)
480
 */
481
	public function ShowMaintainScreen($type = 'locked')
482
	{
483
		global $database, $MESSAGE;
484
		$CHECK_BACK = $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'];
485
		$BE_PATIENT = '';
486
		$LANGUAGE   = strtolower((isset($_SESSION['LANGUAGE']) ? $_SESSION['LANGUAGE'] : LANGUAGE ));
487 1365 Luisehahne
488 1782 Luisehahne
		$show_screen = false;
489
		if($type == 'locked')
490
		{
491
			$curr_user = (intval(isset($_SESSION['USER_ID']) ? $_SESSION['USER_ID'] : 0) ) ;
492
			if( (defined('SYSTEM_LOCKED') && (int)SYSTEM_LOCKED == 1) && ($curr_user != 1))
493
			{
494
				header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
495
	// first kick logged users out of the system
496
		// delete all remember keys from table 'user' except user_id=1
497
				$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET `remember_key`=\'\' ';
498
				$sql .= 'WHERE `user_id`<>1';
499
				$database->query($sql);
500
		// delete remember key-cookie if set
501
				if (isset($_COOKIE['REMEMBER_KEY'])) {
502
					setcookie('REMEMBER_KEY', '', time() - 3600, '/');
503
				}
504
		// overwrite session array
505
				$_SESSION = array();
506
		// delete session cookie if set
507
				if (ini_get("session.use_cookies")) {
508
					$params = session_get_cookie_params();
509
					setcookie(session_name(), '', time() - 42000, $params["path"],
510
						$params["domain"], $params["secure"], $params["httponly"]
511
					);
512
				}
513
		// delete the session itself
514
				session_destroy();
515
				$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_LOCKED'];
516
				$BE_PATIENT = $MESSAGE['GENERIC_BE_PATIENT'];
517
				$PAGE_ICON  = 'system';
518
				$show_screen = true;
519
			}
520
		} else {
521
			header($_SERVER['SERVER_PROTOCOL'].' 503 Service Unavailable');
522
			$PAGE_TITLE = $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'];
523
			$PAGE_ICON  = 'negative';
524
			$show_screen = true;
525
		}
526
		if($show_screen)
527
		{
528
            $sMaintanceFile = $this->correct_theme_source('maintance.htt');
529
    		if(file_exists($sMaintanceFile))
530
    		{
531
                $tpl = new Template(dirname( $sMaintanceFile ));
532
    		    $tpl->set_file( 'page', 'maintance.htt' );
533
    		    $tpl->set_block( 'page', 'main_block', 'main' );
534
535
    			if(defined('DEFAULT_CHARSET'))
536
    			{
537
    				$charset=DEFAULT_CHARSET;
538
    			} else {
539
    				$charset='utf-8';
540
    			}
541
    		    $tpl->set_var( 'PAGE_TITLE', $MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'] );
542
    	 	    $tpl->set_var( 'CHECK_BACK', $MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'] );
543
    	 	    $tpl->set_var( 'CHARSET', $charset );
544
    	 	    $tpl->set_var( 'WB_URL', WB_URL );
545
    	 	    $tpl->set_var( 'BE_PATIENT', $BE_PATIENT );
546
    	 	    $tpl->set_var( 'THEME_URL', THEME_URL );
547
    			$tpl->set_var( 'PAGE_ICON', $PAGE_ICON);
548
    			$tpl->set_var( 'LANGUAGE', strtolower(LANGUAGE));
549
    		    $tpl->parse( 'main', 'main_block', false );
550
    		    $tpl->pparse( 'output', 'page' );
551
                exit();
552
    		} else {
553
    		 require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
554
    		echo '<!DOCTYPE html PUBLIC "-W3CDTD XHTML 1.0 TransitionalEN" "http:www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
555
    		<head><title>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</title>
556
    		<style type="text/css"><!-- body{ font-family: Verdana, Arial, Helvetica, sans-serif;font-size: 12px; background-image: url("'.WB_URL.'/templates/'.DEFAULT_THEME.'/images/background.png");background-repeat: repeat-x; background-color: #A8BCCB; text-align: center; }
557
    		h1 { margin: 0; padding: 0; font-size: 18px; color: #000; text-transform: uppercase;}--></style></head><body>
558
    		<br /><h1>'.$MESSAGE['GENERIC_WEBSITE_UNDER_CONSTRUCTION'].'</h1><br />
559
    		'.$MESSAGE['GENERIC_PLEASE_CHECK_BACK_SOON'].'</body></html>';
560
    		}
561
    		flush();
562
            exit();
563
		}
564
	}
565
566 1365 Luisehahne
	// Validate send email
567 1650 darkviper
	function mail($fromaddress, $toaddress, $subject, $message, $fromname='', $replyTo='') {
568 1698 Luisehahne
/*
569 1487 DarkViper
	INTEGRATED OPEN SOURCE PHPMAILER CLASS FOR SMTP SUPPORT AND MORE
570
	SOME SERVICE PROVIDERS DO NOT SUPPORT SENDING MAIL VIA PHP AS IT DOES NOT PROVIDE SMTP AUTHENTICATION
571
	NEW WBMAILER CLASS IS ABLE TO SEND OUT MESSAGES USING SMTP WHICH RESOLVE THESE ISSUE (C. Sommer)
572 1365 Luisehahne
573 1487 DarkViper
	NOTE:
574
	To use SMTP for sending out mails, you have to specify the SMTP host of your domain
575
	via the Settings panel in the backend of Website Baker
576 1698 Luisehahne
*/
577 1365 Luisehahne
578
		$fromaddress = preg_replace('/[\r\n]/', '', $fromaddress);
579
		$toaddress = preg_replace('/[\r\n]/', '', $toaddress);
580
		$subject = preg_replace('/[\r\n]/', '', $subject);
581 1650 darkviper
		$replyTo = preg_replace('/[\r\n]/', '', $replyTo);
582 1463 Luisehahne
		// $message_alt = $message;
583
		// $message = preg_replace('/[\r\n]/', '<br \>', $message);
584
585 1365 Luisehahne
		// create PHPMailer object and define default settings
586
		$myMail = new wbmailer();
587
		// set user defined from address
588
		if ($fromaddress!='') {
589 1487 DarkViper
			if($fromname!='') $myMail->FromName = $fromname;  // FROM-NAME
590
			$myMail->From = $fromaddress;                     // FROM:
591 1650 darkviper
//			$myMail->AddReplyTo($fromaddress);                // REPLY TO:
592
		}
593
		if($replyTo) {
594 1655 Luisehahne
			$myMail->AddReplyTo($replyTo);                // REPLY TO:
595 1365 Luisehahne
		}
596
		// define recepient and information to send out
597 1487 DarkViper
		$myMail->AddAddress($toaddress);                      // TO:
598
		$myMail->Subject = $subject;                          // SUBJECT
599
		$myMail->Body = nl2br($message);                      // CONTENT (HTML)
600
		$myMail->AltBody = strip_tags($message);              // CONTENT (TEXT)
601 1365 Luisehahne
		// check if there are any send mail errors, otherwise say successful
602
		if (!$myMail->Send()) {
603
			return false;
604
		} else {
605
			return true;
606
		}
607
	}
608
609 1625 Luisehahne
	 /**
610
	  * checks if there is an alternative Theme template
611
	  *
612
	  * @param string $sThemeFile set the template.htt
613
	  * @return string the relative theme path
614
	  *
615
	  */
616
        function correct_theme_source($sThemeFile = 'start.htt') {
617
		$sRetval = $sThemeFile;
618
		if (file_exists(THEME_PATH.'/templates/'.$sThemeFile )) {
619
			$sRetval = THEME_PATH.'/templates/'.$sThemeFile;
620
		} else {
621 1641 Luisehahne
			if (file_exists(ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile ) ) {
622
			$sRetval = ADMIN_PATH.'/skel/themes/htt/'.$sThemeFile;
623 1625 Luisehahne
			} else {
624
				throw new InvalidArgumentException('missing template file '.$sThemeFile);
625
			}
626
		}
627
		return $sRetval;
628
        }
629 1529 Luisehahne
630
	/**
631
	 * Check if a foldername doesn't have invalid characters
632
	 *
633
	 * @param String $str to check
634
	 * @return Bool
635
	 */
636
	function checkFolderName($str){
637
		return !( preg_match('#\^|\\\|\/|\.|\?|\*|"|\'|\<|\>|\:|\|#i', $str) ? TRUE : FALSE );
638
	}
639
640
	/**
641
	 * Check the given path to make sure current path is within given basedir
642
	 * normally document root
643
	 *
644
	 * @param String $sCurrentPath
645
	 * @param String $sBaseDir
646
	 * @return $sCurrentPath or FALSE
647
	 */
648
	function checkpath($sCurrentPath, $sBaseDir = WB_PATH){
649
		// Clean the cuurent path
650
        $sCurrentPath = rawurldecode($sCurrentPath);
651
        $sCurrentPath = realpath($sCurrentPath);
652
        $sBaseDir = realpath($sBaseDir);
653
		// $sBaseDir needs to exist in the $sCurrentPath
654
		$pos = stripos ($sCurrentPath, $sBaseDir );
655
656
		if ( $pos === FALSE ){
657
			return false;
658
		} elseif( $pos == 0 ) {
659
			return $sCurrentPath;
660
		} else {
661
			return false;
662
		}
663
	}
664
665 1777 Luisehahne
	/**
666
     *
667 1801 Luisehahne
     * remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
668 1777 Luisehahne
     * and return the cleaned string
669
	 *
670
	 * @param string $sValue
671
     * @returns
672
     *    false: if @param is not a string
673
     *    string: cleaned string
674
	 */
675 1801 Luisehahne
	public function StripCodeFromText($sValue, $bPhpCode=false){
676 1777 Luisehahne
        if(!is_string($sValue)) { return false; }
677 1801 Luisehahne
        $sValue = ( ($bPhpCode==true) ? preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue ) : $sValue );
678 1777 Luisehahne
        $sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU';
679
        return (preg_replace ($sPattern, '', $sValue));
680
	}
681
682
683 1365 Luisehahne
}